package cn.itcast.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @version V1.0
 * @author: luoqianjin
 * @date: 2019/8/4 21:49
 * @description:
 */
@RestController
@RequestMapping("hello")
public class HelloController {
    @RequestMapping("add")
    @PreAuthorize("hasAnyAuthority('add')")//表示用户必须拥有add权限才能调用当前方法
    public String add() {
        return "add....";
    }

    @RequestMapping("delete")
    @PreAuthorize("hasAnyAuthority('delete')")//表示用户必须拥有ROLE_ADMIN角色才能调用当前方法
    public String delete() {
        return "delete....";
    }
}
